New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs
Aug 07, 2023
Cyber Crime / Malware
A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information. Bot mitigation company Kasada said the activity is designed to "exploit trusted criminal networks," describing it as an instance of advanced threat actors "preying on beginner hackers." OpenBullet is a legitimate open-source pen testing tool used for automating credential stuffing attacks. It takes in a configuration file that's tailored to a specific website and can combine it with a password list procured through other means to log successful attempts. "OpenBullet can be used with Puppeteer, which is a headless browser that can be used for automating web interactions," the company said . "This makes it very easy to launch credential stuffing attacks without having to deal with browser windows popping u...
